Anolis OS update for kernel

Published: 2023-09-15 | Updated: 2025-03-28

Risk	Medium
Patch available	YES
Number of vulnerabilities	22
CVE-ID	CVE-2022-3108 CVE-2023-2006 CVE-2023-2156 CVE-2023-3090 CVE-2023-31084 CVE-2023-3111 CVE-2023-3117 CVE-2023-3161 CVE-2023-3212 CVE-2023-35823 CVE-2023-35824 CVE-2023-35828 CVE-2023-35829 CVE-2023-3609 CVE-2023-3610 CVE-2023-3611 CVE-2023-3773 CVE-2023-3776 CVE-2023-3812 CVE-2023-4004 CVE-2023-4128 CVE-2023-4147
CWE-ID	CWE-252 CWE-362 CWE-617 CWE-787 CWE-833 CWE-416 CWE-682 CWE-476 CWE-125
Exploitation vector	Network
Public exploit	Public exploit code for vulnerability #20 is available. Public exploit code for vulnerability #22 is available.
Vulnerable software	Anolis OS Operating systems & Components / Operating system kernel-modules-internal Operating systems & Components / Operating system package or component python3-perf Operating systems & Components / Operating system package or component perf Operating systems & Components / Operating system package or component kernel-tools-libs-devel Operating systems & Components / Operating system package or component kernel-tools-libs Operating systems & Components / Operating system package or component kernel-tools Operating systems & Components / Operating system package or component kernel-modules-extra Operating systems & Components / Operating system package or component kernel-modules Operating systems & Components / Operating system package or component kernel-headers Operating systems & Components / Operating system package or component kernel-devel Operating systems & Components / Operating system package or component kernel-debug-modules-extra Operating systems & Components / Operating system package or component kernel-debug-modules Operating systems & Components / Operating system package or component kernel-debug-devel Operating systems & Components / Operating system package or component kernel-debug-core Operating systems & Components / Operating system package or component kernel-debug Operating systems & Components / Operating system package or component kernel-core Operating systems & Components / Operating system package or component kernel Operating systems & Components / Operating system package or component bpftool Operating systems & Components / Operating system package or component
Vendor	OpenAnolis

Security Bulletin

This security bulletin contains information about 22 vulnerabilities.

1) Unchecked Return Value

EUVDB-ID: #VU71539

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-3108

CWE-ID: CWE-252 - Unchecked Return Value

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to unchecked return value within the kfd_parse_subtype_iolink() function in drivers/gpu/drm/amd/amdkfd/kfd_crat.c. A local user can crash the kernel.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 8

kernel-modules-internal: before 5.10.134-15.2

python3-perf: before 5.10.134-15.2

perf: before 5.10.134-15.2

kernel-tools-libs-devel: before 5.10.134-15.2

kernel-tools-libs: before 5.10.134-15.2

kernel-tools: before 5.10.134-15.2

kernel-modules-extra: before 5.10.134-15.2

kernel-modules: before 5.10.134-15.2

kernel-headers: before 5.10.134-15.2

kernel-devel: before 5.10.134-15.2

kernel-debug-modules-extra: before 5.10.134-15.2

kernel-debug-modules: before 5.10.134-15.2

kernel-debug-devel: before 5.10.134-15.2

kernel-debug-core: before 5.10.134-15.2

kernel-debug: before 5.10.134-15.2

kernel-core: before 5.10.134-15.2

kernel: before 5.10.134-15.2

bpftool: before 5.10.134-15.2

CPE2.3

External links

https://anas.openanolis.cn/errata/detail/ANSA-2023:0524

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Race condition

EUVDB-ID: #VU75104

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-2006

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition within the processing of RxRPC bundles in net/rxrpc/ar-internal.h. A local user can exploit the race and gain unauthorized access to sensitive information and escalate privileges on the system.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 8

kernel-modules-internal: before 5.10.134-15.2

python3-perf: before 5.10.134-15.2

perf: before 5.10.134-15.2

kernel-tools-libs-devel: before 5.10.134-15.2

kernel-tools-libs: before 5.10.134-15.2

kernel-tools: before 5.10.134-15.2

kernel-modules-extra: before 5.10.134-15.2

kernel-modules: before 5.10.134-15.2

kernel-headers: before 5.10.134-15.2

kernel-devel: before 5.10.134-15.2

kernel-debug-modules-extra: before 5.10.134-15.2

kernel-debug-modules: before 5.10.134-15.2

kernel-debug-devel: before 5.10.134-15.2

kernel-debug-core: before 5.10.134-15.2

kernel-debug: before 5.10.134-15.2

kernel-core: before 5.10.134-15.2

kernel: before 5.10.134-15.2

bpftool: before 5.10.134-15.2

CPE2.3

External links

https://anas.openanolis.cn/errata/detail/ANSA-2023:0524

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Reachable Assertion

EUVDB-ID: #VU76392

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2023-2156

CWE-ID: CWE-617 - Reachable Assertion

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a reachable assertion when handling IPv6 RPL protocol. A remote attacker can send specially crafted packets to the system and perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 8

kernel-modules-internal: before 5.10.134-15.2

python3-perf: before 5.10.134-15.2

perf: before 5.10.134-15.2

kernel-tools-libs-devel: before 5.10.134-15.2

kernel-tools-libs: before 5.10.134-15.2

kernel-tools: before 5.10.134-15.2

kernel-modules-extra: before 5.10.134-15.2

kernel-modules: before 5.10.134-15.2

kernel-headers: before 5.10.134-15.2

kernel-devel: before 5.10.134-15.2

kernel-debug-modules-extra: before 5.10.134-15.2

kernel-debug-modules: before 5.10.134-15.2

kernel-debug-devel: before 5.10.134-15.2

kernel-debug-core: before 5.10.134-15.2

kernel-debug: before 5.10.134-15.2

kernel-core: before 5.10.134-15.2

kernel: before 5.10.134-15.2

bpftool: before 5.10.134-15.2

CPE2.3

External links

https://anas.openanolis.cn/errata/detail/ANSA-2023:0524

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Out-of-bounds write

EUVDB-ID: #VU78010

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-3090

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the ipvlan network driver in Linux kernel. A local user can trigger an out-of-bounds write and execute arbitrary code with elevated privileges.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 8

kernel-modules-internal: before 5.10.134-15.2

python3-perf: before 5.10.134-15.2

perf: before 5.10.134-15.2

kernel-tools-libs-devel: before 5.10.134-15.2

kernel-tools-libs: before 5.10.134-15.2

kernel-tools: before 5.10.134-15.2

kernel-modules-extra: before 5.10.134-15.2

kernel-modules: before 5.10.134-15.2

kernel-headers: before 5.10.134-15.2

kernel-devel: before 5.10.134-15.2

kernel-debug-modules-extra: before 5.10.134-15.2

kernel-debug-modules: before 5.10.134-15.2

kernel-debug-devel: before 5.10.134-15.2

kernel-debug-core: before 5.10.134-15.2

kernel-debug: before 5.10.134-15.2

kernel-core: before 5.10.134-15.2

kernel: before 5.10.134-15.2

bpftool: before 5.10.134-15.2

CPE2.3

External links

https://anas.openanolis.cn/errata/detail/ANSA-2023:0524

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Deadlock

EUVDB-ID: #VU77246

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-31084

CWE-ID: CWE-833 - Deadlock

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a deadlock in drivers/media/dvb-core/dvb_frontend.c when a task is in !TASK_RUNNING. A local user can trigger a deadlock and crash the kernel.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 8

kernel-modules-internal: before 5.10.134-15.2

python3-perf: before 5.10.134-15.2

perf: before 5.10.134-15.2

kernel-tools-libs-devel: before 5.10.134-15.2

kernel-tools-libs: before 5.10.134-15.2

kernel-tools: before 5.10.134-15.2

kernel-modules-extra: before 5.10.134-15.2

kernel-modules: before 5.10.134-15.2

kernel-headers: before 5.10.134-15.2

kernel-devel: before 5.10.134-15.2

kernel-debug-modules-extra: before 5.10.134-15.2

kernel-debug-modules: before 5.10.134-15.2

kernel-debug-devel: before 5.10.134-15.2

kernel-debug-core: before 5.10.134-15.2

kernel-debug: before 5.10.134-15.2

kernel-core: before 5.10.134-15.2

kernel: before 5.10.134-15.2

bpftool: before 5.10.134-15.2

CPE2.3

External links

https://anas.openanolis.cn/errata/detail/ANSA-2023:0524

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Use-after-free

EUVDB-ID: #VU77911

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-3111

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the prepare_to_relocate() function in fs/btrfs/relocation.c in btrfs in the Linux Kernel. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 8

kernel-modules-internal: before 5.10.134-15.2

python3-perf: before 5.10.134-15.2

perf: before 5.10.134-15.2

kernel-tools-libs-devel: before 5.10.134-15.2

kernel-tools-libs: before 5.10.134-15.2

kernel-tools: before 5.10.134-15.2

kernel-modules-extra: before 5.10.134-15.2

kernel-modules: before 5.10.134-15.2

kernel-headers: before 5.10.134-15.2

kernel-devel: before 5.10.134-15.2

kernel-debug-modules-extra: before 5.10.134-15.2

kernel-debug-modules: before 5.10.134-15.2

kernel-debug-devel: before 5.10.134-15.2

kernel-debug-core: before 5.10.134-15.2

kernel-debug: before 5.10.134-15.2

kernel-core: before 5.10.134-15.2

kernel: before 5.10.134-15.2

bpftool: before 5.10.134-15.2

CPE2.3

External links

https://anas.openanolis.cn/errata/detail/ANSA-2023:0524

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Use-after-free

EUVDB-ID: #VU78457

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-3117

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error in the Netfilter subsystem. A local user with CAP_NET_ADMIN capability can trigger the use-after-free error and execute arbitrary code on the system.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 8

kernel-modules-internal: before 5.10.134-15.2

python3-perf: before 5.10.134-15.2

perf: before 5.10.134-15.2

kernel-tools-libs-devel: before 5.10.134-15.2

kernel-tools-libs: before 5.10.134-15.2

kernel-tools: before 5.10.134-15.2

kernel-modules-extra: before 5.10.134-15.2

kernel-modules: before 5.10.134-15.2

kernel-headers: before 5.10.134-15.2

kernel-devel: before 5.10.134-15.2

kernel-debug-modules-extra: before 5.10.134-15.2

kernel-debug-modules: before 5.10.134-15.2

kernel-debug-devel: before 5.10.134-15.2

kernel-debug-core: before 5.10.134-15.2

kernel-debug: before 5.10.134-15.2

kernel-core: before 5.10.134-15.2

kernel: before 5.10.134-15.2

bpftool: before 5.10.134-15.2

CPE2.3

External links

https://anas.openanolis.cn/errata/detail/ANSA-2023:0524

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Incorrect calculation

EUVDB-ID: #VU77956

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-3161

CWE-ID: CWE-682 - Incorrect Calculation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to incorrect calculation in the Framebuffer Console (fbcon) in the Linux kernel. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 8

kernel-modules-internal: before 5.10.134-15.2

python3-perf: before 5.10.134-15.2

perf: before 5.10.134-15.2

kernel-tools-libs-devel: before 5.10.134-15.2

kernel-tools-libs: before 5.10.134-15.2

kernel-tools: before 5.10.134-15.2

kernel-modules-extra: before 5.10.134-15.2

kernel-modules: before 5.10.134-15.2

kernel-headers: before 5.10.134-15.2

kernel-devel: before 5.10.134-15.2

kernel-debug-modules-extra: before 5.10.134-15.2

kernel-debug-modules: before 5.10.134-15.2

kernel-debug-devel: before 5.10.134-15.2

kernel-debug-core: before 5.10.134-15.2

kernel-debug: before 5.10.134-15.2

kernel-core: before 5.10.134-15.2

kernel: before 5.10.134-15.2

bpftool: before 5.10.134-15.2

CPE2.3

External links

https://anas.openanolis.cn/errata/detail/ANSA-2023:0524

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) NULL pointer dereference

EUVDB-ID: #VU78009

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-3212

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error within the gfs2 file system in the Linux kernel. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 8

kernel-modules-internal: before 5.10.134-15.2

python3-perf: before 5.10.134-15.2

perf: before 5.10.134-15.2

kernel-tools-libs-devel: before 5.10.134-15.2

kernel-tools-libs: before 5.10.134-15.2

kernel-tools: before 5.10.134-15.2

kernel-modules-extra: before 5.10.134-15.2

kernel-modules: before 5.10.134-15.2

kernel-headers: before 5.10.134-15.2

kernel-devel: before 5.10.134-15.2

kernel-debug-modules-extra: before 5.10.134-15.2

kernel-debug-modules: before 5.10.134-15.2

kernel-debug-devel: before 5.10.134-15.2

kernel-debug-core: before 5.10.134-15.2

kernel-debug: before 5.10.134-15.2

kernel-core: before 5.10.134-15.2

kernel: before 5.10.134-15.2

bpftool: before 5.10.134-15.2

CPE2.3

External links

https://anas.openanolis.cn/errata/detail/ANSA-2023:0524

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Race condition

EUVDB-ID: #VU77957

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-35823

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition within the saa7134_finidev() function in drivers/media/pci/saa7134/saa7134-core.c. A local user can exploit the race and gain unauthorized access to sensitive information and escalate privileges on the system.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 8

kernel-modules-internal: before 5.10.134-15.2

python3-perf: before 5.10.134-15.2

perf: before 5.10.134-15.2

kernel-tools-libs-devel: before 5.10.134-15.2

kernel-tools-libs: before 5.10.134-15.2

kernel-tools: before 5.10.134-15.2

kernel-modules-extra: before 5.10.134-15.2

kernel-modules: before 5.10.134-15.2

kernel-headers: before 5.10.134-15.2

kernel-devel: before 5.10.134-15.2

kernel-debug-modules-extra: before 5.10.134-15.2

kernel-debug-modules: before 5.10.134-15.2

kernel-debug-devel: before 5.10.134-15.2

kernel-debug-core: before 5.10.134-15.2

kernel-debug: before 5.10.134-15.2

kernel-core: before 5.10.134-15.2

kernel: before 5.10.134-15.2

bpftool: before 5.10.134-15.2

CPE2.3

External links

https://anas.openanolis.cn/errata/detail/ANSA-2023:0524

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Use-after-free

EUVDB-ID: #VU78062

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-35824

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the dm1105_remove() function in drivers/media/pci/dm1105/dm1105.c. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 8

kernel-modules-internal: before 5.10.134-15.2

python3-perf: before 5.10.134-15.2

perf: before 5.10.134-15.2

kernel-tools-libs-devel: before 5.10.134-15.2

kernel-tools-libs: before 5.10.134-15.2

kernel-tools: before 5.10.134-15.2

kernel-modules-extra: before 5.10.134-15.2

kernel-modules: before 5.10.134-15.2

kernel-headers: before 5.10.134-15.2

kernel-devel: before 5.10.134-15.2

kernel-debug-modules-extra: before 5.10.134-15.2

kernel-debug-modules: before 5.10.134-15.2

kernel-debug-devel: before 5.10.134-15.2

kernel-debug-core: before 5.10.134-15.2

kernel-debug: before 5.10.134-15.2

kernel-core: before 5.10.134-15.2

kernel: before 5.10.134-15.2

bpftool: before 5.10.134-15.2

CPE2.3

External links

https://anas.openanolis.cn/errata/detail/ANSA-2023:0524

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Race condition

EUVDB-ID: #VU77958

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-35828

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition within the renesas_usb3_remove() function in drivers/usb/gadget/udc/renesas_usb3.c. A local user can exploit the race and gain unauthorized access to sensitive information and escalate privileges on the system.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 8

kernel-modules-internal: before 5.10.134-15.2

python3-perf: before 5.10.134-15.2

perf: before 5.10.134-15.2

kernel-tools-libs-devel: before 5.10.134-15.2

kernel-tools-libs: before 5.10.134-15.2

kernel-tools: before 5.10.134-15.2

kernel-modules-extra: before 5.10.134-15.2

kernel-modules: before 5.10.134-15.2

kernel-headers: before 5.10.134-15.2

kernel-devel: before 5.10.134-15.2

kernel-debug-modules-extra: before 5.10.134-15.2

kernel-debug-modules: before 5.10.134-15.2

kernel-debug-devel: before 5.10.134-15.2

kernel-debug-core: before 5.10.134-15.2

kernel-debug: before 5.10.134-15.2

kernel-core: before 5.10.134-15.2

kernel: before 5.10.134-15.2

bpftool: before 5.10.134-15.2

CPE2.3

External links

https://anas.openanolis.cn/errata/detail/ANSA-2023:0524

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Use-after-free

EUVDB-ID: #VU78264

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-35829

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the rkvdec_remove() function in drivers/staging/media/rkvdec/rkvdec.c. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 8

kernel-modules-internal: before 5.10.134-15.2

python3-perf: before 5.10.134-15.2

perf: before 5.10.134-15.2

kernel-tools-libs-devel: before 5.10.134-15.2

kernel-tools-libs: before 5.10.134-15.2

kernel-tools: before 5.10.134-15.2

kernel-modules-extra: before 5.10.134-15.2

kernel-modules: before 5.10.134-15.2

kernel-headers: before 5.10.134-15.2

kernel-devel: before 5.10.134-15.2

kernel-debug-modules-extra: before 5.10.134-15.2

kernel-debug-modules: before 5.10.134-15.2

kernel-debug-devel: before 5.10.134-15.2

kernel-debug-core: before 5.10.134-15.2

kernel-debug: before 5.10.134-15.2

kernel-core: before 5.10.134-15.2

kernel: before 5.10.134-15.2

bpftool: before 5.10.134-15.2

CPE2.3

External links

https://anas.openanolis.cn/errata/detail/ANSA-2023:0524

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) Use-after-free

EUVDB-ID: #VU78941

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-3609

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the the Linux kernel net/sched: cls_u32 component. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 8

kernel-modules-internal: before 5.10.134-15.2

python3-perf: before 5.10.134-15.2

perf: before 5.10.134-15.2

kernel-tools-libs-devel: before 5.10.134-15.2

kernel-tools-libs: before 5.10.134-15.2

kernel-tools: before 5.10.134-15.2

kernel-modules-extra: before 5.10.134-15.2

kernel-modules: before 5.10.134-15.2

kernel-headers: before 5.10.134-15.2

kernel-devel: before 5.10.134-15.2

kernel-debug-modules-extra: before 5.10.134-15.2

kernel-debug-modules: before 5.10.134-15.2

kernel-debug-devel: before 5.10.134-15.2

kernel-debug-core: before 5.10.134-15.2

kernel-debug: before 5.10.134-15.2

kernel-core: before 5.10.134-15.2

kernel: before 5.10.134-15.2

bpftool: before 5.10.134-15.2

CPE2.3

External links

https://anas.openanolis.cn/errata/detail/ANSA-2023:0524

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Use-after-free

EUVDB-ID: #VU78779

Risk: Low

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-3610

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the nf_tables component in Linux kernel netfilter. A local user with CAP_NET_ADMIN capability can trigger a use-after-free error and execute arbitrary code with elevated privileges.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 8

kernel-modules-internal: before 5.10.134-15.2

python3-perf: before 5.10.134-15.2

perf: before 5.10.134-15.2

kernel-tools-libs-devel: before 5.10.134-15.2

kernel-tools-libs: before 5.10.134-15.2

kernel-tools: before 5.10.134-15.2

kernel-modules-extra: before 5.10.134-15.2

kernel-modules: before 5.10.134-15.2

kernel-headers: before 5.10.134-15.2

kernel-devel: before 5.10.134-15.2

kernel-debug-modules-extra: before 5.10.134-15.2

kernel-debug-modules: before 5.10.134-15.2

kernel-debug-devel: before 5.10.134-15.2

kernel-debug-core: before 5.10.134-15.2

kernel-debug: before 5.10.134-15.2

kernel-core: before 5.10.134-15.2

kernel: before 5.10.134-15.2

bpftool: before 5.10.134-15.2

CPE2.3

External links

https://anas.openanolis.cn/errata/detail/ANSA-2023:0524

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

16) Out-of-bounds write

EUVDB-ID: #VU78943

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-3611

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error in the qfq_change_agg() function in net/sched/sch_qfq.c within the Linux kernel net/sched: sch_qfq component. A local user trigger an out-of-bounds write and execute arbitrary code on the target system.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 8

kernel-modules-internal: before 5.10.134-15.2

python3-perf: before 5.10.134-15.2

perf: before 5.10.134-15.2

kernel-tools-libs-devel: before 5.10.134-15.2

kernel-tools-libs: before 5.10.134-15.2

kernel-tools: before 5.10.134-15.2

kernel-modules-extra: before 5.10.134-15.2

kernel-modules: before 5.10.134-15.2

kernel-headers: before 5.10.134-15.2

kernel-devel: before 5.10.134-15.2

kernel-debug-modules-extra: before 5.10.134-15.2

kernel-debug-modules: before 5.10.134-15.2

kernel-debug-devel: before 5.10.134-15.2

kernel-debug-core: before 5.10.134-15.2

kernel-debug: before 5.10.134-15.2

kernel-core: before 5.10.134-15.2

kernel: before 5.10.134-15.2

bpftool: before 5.10.134-15.2

CPE2.3

External links

https://anas.openanolis.cn/errata/detail/ANSA-2023:0524

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) Out-of-bounds read

EUVDB-ID: #VU80579

Risk: Low

CVSSv4.0: 4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-3773

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in IP framework for transforming packets (XFRM subsystem). A local user with CAP_NET_ADMIN privileges can cause a 4 byte out-of-bounds read of XFRMA_MTIMER_THRESH when parsing netlink attributes and gain access to sensitive information.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 8

kernel-modules-internal: before 5.10.134-15.2

python3-perf: before 5.10.134-15.2

perf: before 5.10.134-15.2

kernel-tools-libs-devel: before 5.10.134-15.2

kernel-tools-libs: before 5.10.134-15.2

kernel-tools: before 5.10.134-15.2

kernel-modules-extra: before 5.10.134-15.2

kernel-modules: before 5.10.134-15.2

kernel-headers: before 5.10.134-15.2

kernel-devel: before 5.10.134-15.2

kernel-debug-modules-extra: before 5.10.134-15.2

kernel-debug-modules: before 5.10.134-15.2

kernel-debug-devel: before 5.10.134-15.2

kernel-debug-core: before 5.10.134-15.2

kernel-debug: before 5.10.134-15.2

kernel-core: before 5.10.134-15.2

kernel: before 5.10.134-15.2

bpftool: before 5.10.134-15.2

CPE2.3

External links

https://anas.openanolis.cn/errata/detail/ANSA-2023:0524

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

18) Use-after-free

EUVDB-ID: #VU79285

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-3776

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the the Linux kernel's net/sched: cls_fw component. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 8

kernel-modules-internal: before 5.10.134-15.2

python3-perf: before 5.10.134-15.2

perf: before 5.10.134-15.2

kernel-tools-libs-devel: before 5.10.134-15.2

kernel-tools-libs: before 5.10.134-15.2

kernel-tools: before 5.10.134-15.2

kernel-modules-extra: before 5.10.134-15.2

kernel-modules: before 5.10.134-15.2

kernel-headers: before 5.10.134-15.2

kernel-devel: before 5.10.134-15.2

kernel-debug-modules-extra: before 5.10.134-15.2

kernel-debug-modules: before 5.10.134-15.2

kernel-debug-devel: before 5.10.134-15.2

kernel-debug-core: before 5.10.134-15.2

kernel-debug: before 5.10.134-15.2

kernel-core: before 5.10.134-15.2

kernel: before 5.10.134-15.2

bpftool: before 5.10.134-15.2

CPE2.3

External links

https://anas.openanolis.cn/errata/detail/ANSA-2023:0524

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

19) Out-of-bounds write

EUVDB-ID: #VU78928

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-3812

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the TUN/TAP device driver in Linux kernel. A local user can trigger an out-of-bounds write and execute arbitrary code with elevated privileges.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 8

kernel-modules-internal: before 5.10.134-15.2

python3-perf: before 5.10.134-15.2

perf: before 5.10.134-15.2

kernel-tools-libs-devel: before 5.10.134-15.2

kernel-tools-libs: before 5.10.134-15.2

kernel-tools: before 5.10.134-15.2

kernel-modules-extra: before 5.10.134-15.2

kernel-modules: before 5.10.134-15.2

kernel-headers: before 5.10.134-15.2

kernel-devel: before 5.10.134-15.2

kernel-debug-modules-extra: before 5.10.134-15.2

kernel-debug-modules: before 5.10.134-15.2

kernel-debug-devel: before 5.10.134-15.2

kernel-debug-core: before 5.10.134-15.2

kernel-debug: before 5.10.134-15.2

kernel-core: before 5.10.134-15.2

kernel: before 5.10.134-15.2

bpftool: before 5.10.134-15.2

CPE2.3

External links

https://anas.openanolis.cn/errata/detail/ANSA-2023:0524

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

20) Use-after-free

EUVDB-ID: #VU79498

Risk: Low

CVSSv4.0: 7.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear]

CVE-ID: CVE-2023-4004

CWE-ID: CWE-416 - Use After Free

Exploit availability: Yes

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error in the way a user triggers the nft_pipapo_remove function with the element, without a NFT_SET_EXT_KEY_END. A local user can execute arbitrary code with elevated privileges.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 8

kernel-modules-internal: before 5.10.134-15.2

python3-perf: before 5.10.134-15.2

perf: before 5.10.134-15.2

kernel-tools-libs-devel: before 5.10.134-15.2

kernel-tools-libs: before 5.10.134-15.2

kernel-tools: before 5.10.134-15.2

kernel-modules-extra: before 5.10.134-15.2

kernel-modules: before 5.10.134-15.2

kernel-headers: before 5.10.134-15.2

kernel-devel: before 5.10.134-15.2

kernel-debug-modules-extra: before 5.10.134-15.2

kernel-debug-modules: before 5.10.134-15.2

kernel-debug-devel: before 5.10.134-15.2

kernel-debug-core: before 5.10.134-15.2

kernel-debug: before 5.10.134-15.2

kernel-core: before 5.10.134-15.2

kernel: before 5.10.134-15.2

bpftool: before 5.10.134-15.2

CPE2.3

External links

https://anas.openanolis.cn/errata/detail/ANSA-2023:0524

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

21) Use-after-free

EUVDB-ID: #VU79486

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-4128

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within net/sched/cls_fw.c in classifiers (cls_fw, cls_u32, and cls_route) in the Linux Kernel. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 8

kernel-modules-internal: before 5.10.134-15.2

python3-perf: before 5.10.134-15.2

perf: before 5.10.134-15.2

kernel-tools-libs-devel: before 5.10.134-15.2

kernel-tools-libs: before 5.10.134-15.2

kernel-tools: before 5.10.134-15.2

kernel-modules-extra: before 5.10.134-15.2

kernel-modules: before 5.10.134-15.2

kernel-headers: before 5.10.134-15.2

kernel-devel: before 5.10.134-15.2

kernel-debug-modules-extra: before 5.10.134-15.2

kernel-debug-modules: before 5.10.134-15.2

kernel-debug-devel: before 5.10.134-15.2

kernel-debug-core: before 5.10.134-15.2

kernel-debug: before 5.10.134-15.2

kernel-core: before 5.10.134-15.2

kernel: before 5.10.134-15.2

bpftool: before 5.10.134-15.2

CPE2.3

External links

https://anas.openanolis.cn/errata/detail/ANSA-2023:0524

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

22) Use-after-free

EUVDB-ID: #VU79713

Risk: Low

CVSSv4.0: 7.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear]

CVE-ID: CVE-2023-4147

CWE-ID: CWE-416 - Use After Free

Exploit availability: Yes

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error in Netfilter functionality when adding a rule with NFTA_RULE_CHAIN_ID. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 8

kernel-modules-internal: before 5.10.134-15.2

python3-perf: before 5.10.134-15.2

perf: before 5.10.134-15.2

kernel-tools-libs-devel: before 5.10.134-15.2

kernel-tools-libs: before 5.10.134-15.2

kernel-tools: before 5.10.134-15.2

kernel-modules-extra: before 5.10.134-15.2

kernel-modules: before 5.10.134-15.2

kernel-headers: before 5.10.134-15.2

kernel-devel: before 5.10.134-15.2

kernel-debug-modules-extra: before 5.10.134-15.2

kernel-debug-modules: before 5.10.134-15.2

kernel-debug-devel: before 5.10.134-15.2

kernel-debug-core: before 5.10.134-15.2

kernel-debug: before 5.10.134-15.2

kernel-core: before 5.10.134-15.2

kernel: before 5.10.134-15.2

bpftool: before 5.10.134-15.2

CPE2.3

External links

https://anas.openanolis.cn/errata/detail/ANSA-2023:0524

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.